Information Technology Reference
In-Depth Information
3 References
Anomaly detection to model normal behavior is implemented in the statistical
techniques [1][2]. Misuse detection to discover exploitation that is recognized by
a specific pattern or sequence of the events data observed is also performed in
the expert systems[3]. In [4][5], discussion is mainly based on how to classify the
predefined data.
4 Experimental Result and Adaptive Proxy Operation
4.1 Experimental Result
Experiments in the case where the false positive is frequently caused show that
the proposed method is functional with a recognition rate of attack less than
10%, while finding the unusual status. And also the result obtained from the
experiments turned out that our system can update profiles when anomaly de-
tector calls an alert and supress the alert of it next time when the same kind of
events occur.
4.2 Adaptive Proxy Operation
In proposed method, application gateway generates delay time to synchronize
with IDS. The amount of time between receiving request and sending data in
proxy server should be set same as the unit interval of intrusion detection.
Fig. 2. Adaptive coordination. Forwarding delay time in application gateway is syn-
chronized to detection intervals.
Consequently we can take more specific inspection or control of forwarding
data according to the output of IDS. And also it is possible to execute adaptive
Search WWH ::




Custom Search